CVE-2014-4073 Information

Description

Microsoft .NET Framework 2.0 SP2 3.5 3.5.1 4 4.5 4.5.1 and 4.5.2 processes unverified data during interaction with the ClickOnce installer which allows remote attackers to gain privileges via vectors involving Internet Explorer aka .NET ClickOnce Elevation of Privilege Vulnerability.\

Reference

http://blogs.technet.com/b/srd/archive/2014/10/14/more-details-about-cve-2014-4073-elevation-of-privilege-vulnerability.aspx http://secunia.com/advisories/60969 http://www.securityfocus.com/bid/70313 http://www.securitytracker.com/id/1031021 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-057